-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-22:23.vm                                       Errata Notice
                                                          The FreeBSD Project

Topic:          Memory pages become unreclaimable

Category:       core
Module:         vm
Announced:      2022-11-01
Affects:        FreeBSD 13.1
Corrected:      2022-10-12 13:49:25 UTC (stable/13, 13.1-STABLE)
                2022-11-01 13:28:11 UTC (releng/13.1, 13.1-RELEASE-p3)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.

I.   Background

The FreeBSD kernel's VM subsystem manages system memory.  Among other
responsibilities, it provides a page allocator and maintains a pool of
free pages.  When this pool is depleted, the VM reclaims allocated pages
from a set of page queues.

II.  Problem Description

In certain workloads, allocated pages are not enqueued as they should
be, causing them to become unreclaimable when free memory is scarce.  In
some situations the memory may become available again following restarts
of services (e.g., database servers) which are triggering the bug.

III. Impact

System memory could become inaccessible to the page daemon, resulting
in less memory available for caching.  In some cases this can result in
out-of-memory process kills.

IV.  Workaround

No workaround is available.

V.   Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.

Perform one of the following:

1) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install
# shutdown -r +5min "Installing errata update"

2) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-22:23/vm.patch
# fetch https://security.FreeBSD.org/patches/EN-22:23/vm.patch.asc
# gpg --verify vm.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

VI.  Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path                             Hash                     Revision
- -------------------------------------------------------------------------
stable/13/                              6094749a1a5d    stable/13-n252707
releng/13.1/                            4867d7d34dfd  releng/13.1-n250160
- -------------------------------------------------------------------------

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

VII. References

<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256507>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:23.vm.asc>
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhlqQACgkQ05eS9J6n
5cKKfg//f+YhLk47E5Bk/KZ07ONQ7xN0W9YZyz1P4iLc85LIaszC8+L8auwM+uR4
ufvo4ToDzbDq0v+2mHUdgQ7CVylOzAb114z8ZFADHhlBJeft5pdzm+/R3wfqADbm
VL2I6uqjsQiH41umNgZQtyQh15LBWUlvrDd7r5dGVMzU0+VXNTngP58Jn7kqiUPg
jwUQk6l/PPRLRGqX5RJHoz8traCLsd7i+58/FPyaofrtrwl97uxtcbBEcPvcXsrL
yTnTcyPHnR8lqgmNXExcOPxfMBFz0sXgfDIXebnEP+inMx4gF2U3CBJuTCww8NWV
M4R7bj1HjWw8WZV1dZUFB73qx4r51iKanYQsqFVEWl7KnhQL6zG8nCt4iPR0wiKJ
x7qIRGtXCgzZieg0fQnsNjSdjjiIQmLCOq6BTmG1X5tcLF7hAM8D42RFGSbvLhNU
cGP/1Gd1iK72VqBRCSHKhZi79//YA8lI+f3b7ORMB9Q5cmy9l0A0nMO2EpBdc7x/
0VGSXMaVaegaKGb3vXteVvmqtHAWg2NiBMgUHb3oMEXdbjsymmgkCsTciuiYDLxQ
Y/XdbtMHZi7VpZNS3Qt6wIpAEhSDxYsgf2+7/22Ni09Awn5H2/F3DCeo0dU8hWR1
gksYdLbwRI+By8hguqALkpC1lP/M8Hc/HBrEiG6OqY+OvZr43OA=
=n7Mz
-----END PGP SIGNATURE-----
